Port forwarding on Cisco to localnet

[StarTAC]

hi guys...

i was wondering: i have a Cisco 1601 connected to a telco's frame relay service, which hooks back into an ISP.. the ISP has assigned the customer a public IP with a /24 aggregate... the client runs NAT on the router, using RFC 1918 IPs behind his router...

the public IP from the ISP has been assigned to his router's eth0 interface, and his NAT'ing a 192.168.0.0/24 network....

now, the twist.. he has a web and mail server seated on his internal network... the mail server is 192.168.0.2 and the web server, 192.168.0.3 .. what he needs to do is port forwarding, so that his DNS records have his A and MX records pointing to the public IP assigned to his Cisco's eth0 interface... when that interface receives a packet who's destination is port 25 or 80, it should send that packet to the mail and web server on the internal network...

he is very convinced this will work, as he has done it on Linux before, using a wireless broadband connection...

all advice appreciated.. thanks..

 

[wybnormal]

While I dont quite understand what you are asking, (you answered your own question I think), yes, NAT will do port forwarding just fine.. given the right code level on the router. You could also play with policy routing to route incoming HTTP traffic or SMTP traffic to a certain IP address. The customer is quite correct, it works great on Linux and I use it myself to run my own webmail server and termserver via a DMZ. See the recent thread here about static NAT.

For more NAT info, go to my site:

http://www.packetattack.com/cisco_documents.html

and at the bottom on the left is two links to Cisco's pages on NAT.

MikeS Find me at

http://www.packetattack.com

"The trouble with giving up civil rights is that you never get them back"